ECOOP 2022
Mon 6 June - Thu 7 July 2022 Berlin, Germany
Tue 7 Jun 2022 09:30 - 09:55 at Copenhagen 1 - Session 1 Chair(s): Linghui Luo

GitLab integrates 14 different SAST tools for different purposes and languages. These tools are available under https://gitlab.com/gitlab-org/security-products/analyzers as docker images. In this presentation we will explore how we developed a proof-of-concept language-agnostic IDE integration for GitLab based on MagpieBridge that leverages the dockerized SAST tools and the GitLab API to highlight SAST results in the IDE. In addition, we will show how we used the MagpieBridge HTTP server in order to provide a birds-eye view of security findings (severity, CWE, location) that are part of the analyzed project sources.

Tue 7 Jun

Displayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change

09:00 - 10:30
Session 1PRIDE at Copenhagen 1
Chair(s): Linghui Luo Amazon Web Services
09:15
15m
Talk
Welcome by the Organizers
PRIDE

09:30
25m
Talk
A GitLab IDE Integration Based on MagpieBridge
PRIDE
Julian Thome GitLab Inc.
File Attached
09:55
35m
Talk
GobPie: An IDE Integration for Goblint Using MagpieBridge
PRIDE
Karoliine Holter University of Tartu, Estonia, Sarah Tilscher
File Attached